A. Windows Server 2003 provides the Dsadd command, which lets you add objects (e.g., computers, contacts, groups, organizational units--OUs, quotas, users) to AD. The basic command syntax is

dsadd user -samid -pwd

For example, to add user John to AD, I typed

C:\> dsadd user CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com -samid John -pwd Pa55word

The system returned

dsadd succeeded:CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com

For a full list of options, type

C:\> dsadd user /?

The options let you set the user's full name details, email, group ownership, and Web page as well as set the password to never expire. The following example shows the use of several of these options:

C:\>dsadd user CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com -samid John -pwd Pa55word -fn John -ln Savill -display "John Savill" -email john@savilltech.com -webpg http://www.savilltech.com -pwdneverexpires yes -memberof "CN=Domain Admins,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com"

dsadd succeeded:CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com

Notice that the "-memberof" option, which specifies the user's group ownership, is in quotes because the DN contains spaces.